Search for packages
| purl | pkg:deb/debian/chromium@135.0.7049.95-1 |
| Tags | Ghost |
| Next non-vulnerable version | 137.0.7151.119-1 |
| Latest non-vulnerable version | 137.0.7151.119-1 |
| Risk | 7.8 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2wxs-qgr7-kqhx
Aliases: CVE-2025-4052 |
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-3drb-8ucq-tbbx
Aliases: CVE-2025-4096 |
Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-6gq9-kpha-jqcn
Aliases: CVE-2025-4664 |
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. |
|
VCID-axcr-75cx-4bd7
Aliases: CVE-2025-4609 |
Affected by 0 other vulnerabilities. |
|
|
VCID-h9qv-fk5a-pyaj
Aliases: CVE-2025-4050 |
Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-um8d-n9be-hkav
Aliases: CVE-2025-4051 |
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-05-17T14:46:15.429139+00:00 | Debian Importer | Affected by | VCID-6gq9-kpha-jqcn | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T16:22:28.583651+00:00 | Debian Importer | Affected by | VCID-axcr-75cx-4bd7 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-03T17:02:13.902254+00:00 | Debian Importer | Affected by | VCID-h9qv-fk5a-pyaj | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-03T12:51:49.656536+00:00 | Debian Importer | Affected by | VCID-2wxs-qgr7-kqhx | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-02T09:12:00.743722+00:00 | Debian Importer | Affected by | VCID-um8d-n9be-hkav | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-02T08:46:55.084684+00:00 | Debian Importer | Affected by | VCID-3drb-8ucq-tbbx | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |